Mobility disruption: A CIO perspective

Enterprise mobility is poised to fundamentally change the IT landscape. Here’s an overview of the opportunities and some early lessons on how to manage the associated security risks, costs, and organizational challenges.

Chief information officers are no strangers to change. Mainframes, personal computing, and the Internet have all transformed the world of business technology for both enterprises and technology vendors. Now, CIOs see the next disruption coming fast.

Mobility—rising from its humble beginnings—is on a roll, driven by ever-higher-performing smartphones, tablets, and other devices enabled by 3G and 4G networks, as well as an explosion of innovative applications. Indeed, we believe that enterprise IT is on the brink of a revolution that promises to boost productivity by expanding office functionality beyond the brick-and-mortar location. There are opportunities galore, but cost, governance, and security challenges must also be reckoned with.

A steep adoption trajectory

The mobility landscape is, in many ways, similar to that of the Internet of the late 1990s, which was driven by consumer adoption and constant innovation. Consumers use mobility extensively in their personal lives and are demanding it in their professional lives. When we recently surveyed 250 CIOs on their mobility strategies, 56 percent reported strong demand from employees to support a wide range of mobile devices. Seventy-seven percent of CIOs were planning to allow staff to use personal mobile devices to access company data and applications. Almost all the CIOs said they expected to deploy more than 25 mobility applications in the next two years.

Mobile-device innovations are being introduced at a frenetic pace, with new categories and subcategories (for example, enterprise-focused tablets) emerging every few months. With each innovation comes a new set of uses and opportunities. Thirty percent of the CIOs we surveyed said laptops could be replaced by tablets in the coming years.

Supporting the mobile revolution is a broad set of cloud-based applications that enable mobile devices to overcome many of their inherent limitations and allow users to access their content, regardless of the storage capacity of their devices. Cloud-based enterprise applications enable ubiquitous access to critical enterprise resources, such as customer relationship management (CRM).

Business cases for mobility

Mobility can serve business in four primary areas:

Employee communication. Greater access to e-mail and calendars, as well as voice, video, and messaging applications, will enhance employee-to-employee communication. The chance to have spontaneous mobile videoconferences is one example.

Out-of-office productivity. Remote access to content and applications allows workers to take full advantage of their out-of-office time. Providing mobile access to CRM, enterprise resource planning (ERP), and executive dashboards, for example, enhances employee productivity in core business areas. For workers whose on-the-clock time is out of office by design (for instance, members of sales and field forces), mobile IT enhances their productivity by bringing office assets to the field in ways never before possible. While laptops have enabled some mobility in the past, “anywhere access” and cloud-based applications have dramatically increased the benefits.

This goes for administrative tasks as well. An employee can do his expense reporting, for example, before even returning from a business trip by using his mobile phone to submit electronic receipt images.

Sensor networks. Smart sensors can automate or control processes and systems, making them more efficient. Sensors can also give products new capabilities and spark novel business models. In health care, for instance, sensors used or worn by patients continuously report changes in health conditions to physicians, who can adjust treatments or proactively engage the patient when appropriate.

A new channel to customers. Mobile IT isn’t just good for productivity. By increasing the number and depth of touchpoints, mobility innovations can allow businesses to engage their customers in fundamentally new ways.

The challenge for CIOs

Mobility has the potential to greatly improve business performance, but in our experience, it comes with three major challenges.

Security. Security is the primary barrier to broad mobile deployments within the enterprise: 45 percent of the CIOs that we surveyed viewed security as a major challenge.

In previous mobility deployments, organizations could manage risks by providing employees with a single supported and secured device that could access the company’s information assets. Now, most workers carry a smartphone or tablet for both personal and business uses. This proliferation of wireless devices extends the reach of the company’s wired information infrastructure. But by doing so, the information also becomes more vulnerable to breaches, despite recent improvements in mobile-device-management solutions and device security. Among the risks: lost or stolen devices with sensitive data stored on them.

Companies with successful mobile strategies tend to involve corporate security staff early in strategy development, embed security as a core component of the mobile architecture, and develop clear mobile policies that balance user demand with security requirements. Some companies are making this trade-off by limiting which applications can be locally installed on mobile devices. At some companies, for example, ERP systems can be accessed but not locally installed, which ensures that data do not leave the premises.

Sidebar

Make your enterprise mobile

Embracing mobility will affect all areas of the enterprise IT organization. We have
identified four key steps to developing and implementing a holistic mobility strategy.

1. Define your mobile policy

The first step in enabling mobility is to create a clear set of policies that will guide the IT strategy and employee expectations. Central to the strategy is the decision on how to treat personal devices. Businesses must balance employee demands, which may entail unfettered usage of all personal devices, with the enterprise’s need for security and IT platform consistency. Primary components of a mobility policy should thus include device choice, usage restrictions, and funding—for instance, should employees pay for the device and connectivity costs?

2. Build the support infrastructure

There are a number of critical infrastructure components in any implementation, including e-mail and mobile-device-management solutions. Each will require architecture redesign, vendor evaluation, and integration with existing IT planning. These are all “no regret” moves that CIOs can start tackling today.

3. Identify priority user segments and understand their needs

Business cases aren’t all created equal, and most of the business value is likely to reside in a small number of critical user segments, such as salespeople and field staff. The first step is to identify these users, then understand the specific ways in which mobility can help them create more value. Thoughtful pilots can then be used to test ideas and develop business cases.

4. Integrate mobility into enterprise IT

Integration will require a reassessment of the architecture and application road map within each IT organization. One key question to ask yourself: does my application road map fully consider the mobile needs of our end users? Integration will also require significant short-term project reprioritization to develop and deploy the solutions required by high-value user segments. A robust governance structure will help manage the change and ensure that IT and business leaders focus investments on the areas of greatest impact.

Cost. Mobility is expensive—41 percent of CIOs cited cost as a critical challenge. The costs of the actual devices and connectivity vary but are typically between $600 and $700 annually for an iPad or comparable tablet. Included in this are infrastructure costs that include technical components such as mobile-device management, expanded e-mail capacity, and help-desk support. These costs typically total $150 to $250 annually per device. Application costs will vary greatly, depending on the number and type of applications and the way they are enabled for mobile.

Businesses can manage the cost issue by adopting a tiered approach that focuses application investment on the user segments and use cases that create the most value, while providing only basic services to the broader user population. This will maximize value while being responsive to consumer demand and providing the foundation for new use cases to emerge. Some enterprises have implemented this approach by allowing all employees to bring their personal devices and providing them with only basic enterprise applications, such as e-mail and the company directory. Most application resources are then available to focus on the highest-value segments; they can, for instance, provide salespeople with devices and a set of customized applications that help drive revenue.

The way enterprises enable their application portfolios for mobility affects cost. IT functions should work with their software vendors to understand and shape their mobile capabilities. For mobile use cases that cannot be efficiently addressed with commercial applications, companies have three options. Developing new mobile applications generally provides the best user experience but is expensive. An alternative for Web-enabled applications is access through a mobile browser, potentially with an interface optimized for mobile. Virtual-desktop integration is a good option for the “long tail” of applications that are occasionally used on mobile devices because there are limited or no application changes required. For core applications, on the other hand, usability issues limit the appeal of this approach.

Governance. Mobility poses unique management challenges. It doesn’t clearly fit within any traditional IT silo, as it affects application development, business processes, infrastructure, and operational processes. Significant changes will be required in each of these areas. One example is that IT and business leaders may need to reprioritize the application portfolio on the basis of mobility needs. Mobility also requires a flexible strategy that can be adjusted regularly to adapt to changes in the mobility landscape, for example, the introduction of Windows-based tablets. Addressing these challenges requires an active, cross-functional governance structure.

One leading company established a mobility “core team” consisting of four members, each representing a specific area: the business, IT applications, IT infrastructure, and IT policy. The team was responsible for conducting semiannual strategy and policy refreshes, as well as coordinating implementation of the strategy, for example, through ongoing pilots. The core team reported to the enterprise CIO each month and was empowered to make significant changes within the IT organization. Beyond the core team, mobility became a key component of the overall IT governance council, which was responsible for prioritizing mobility expenditure across the enterprise.

Mobility is the new IT frontier, and the race is on to fully reap the potential benefits. To do so, CIOs (and the technology companies that serve them) will need to address challenges and concerns so that they can deliver a set of secure and reliable services in an environment of constant complexity and change.

About the authors

Janaki Akella is a principal in McKinsey’s Silicon Valley office; Brad Brown is a director in the New York office, where Lawrence Wong is a principal; and Greg Gilbert is an associate principal in the New Jersey office.

Stay connected

About Insights & Publications

The creation of knowledge supports McKinsey’s core mission: helping our clients achieve distinctive, lasting, and substantial performance improvements. We publish our insights and those of external experts to help advance the practice of management and provide leaders with facts on which to base business and policy decisions. Views expressed by third-party authors are theirs alone.